I am adding webhooks to a sendgrid plugin and I need to disable CSRF for an action in the plugin.
I know I can do it in the application.php but is there a way to disable it from the plugin so that it is really “plug and play”. Not requiring the user of the plugin to do config.
I have tried adding the csrf plugin to the end of the queue with my middlware function in the plugin file hoping to overwrite the existing one. No.
I have tried adding it as scoped route but not sure whats happening there.
Is it possible or is the config locked down to application.php for security reasons?